Regenerate Token Signing Certificate

About this task

EFA uses JSON Web tokens for authentication. The RSA keypair for authentication on EFA and SLX expires in 10 years after the date of installation.

Procedure

  1. Run the following command to renew or regenerate token signing certificate: 
    (efa:extreme)extreme@tpvm:/apps$ efa certificate server renew --cert-type=token
Certificate renewal is successful.
--- Time Elapsed: 27.233017418s ---

    After the certificate is updated, it must be pushed to all the registered devices.

  2. Run the following command to update the certificate on the SLX device: 
    (efa:extreme)extreme@tpvm:~$ efa certificate device install --ip=10.x.x.x --cert-type=token
+-------------+---------+
| IP Address  | Status  |
+-------------+---------+
| 10.x.x.x    | Success |
+-------------+---------+
--- Time Elapsed: 2
9037502-00 Rev AA